Internet is a network with different kind of malicious codes which are publishable in it. A security Achilles’ heel can be enough for a misuse and an auto ran malicious code can affect on the system completely.
Indeed the most important influence is controlling computer by the attacker. The computer may be out of control for different misuse or goals.
In another case some computers are infected by different malwares and may be used as a tool for attacking somewhere, disabling a service, sending junk mails and stealing user’s information such as credit card and pass words for spy operations or financial abuse or even using its processing power.
Since approach to IT is inevitable, security is the main need of this approach. Today attention to the security and protection of Information and minimizing unauthorized access to them causes attention to the security of the networks and finding different ways of preventing unauthorized access and changes in computers and communication systems.
Information Technology Company
Network security is a broad concept. Mahdioun, CEO of ITC, called briefly security as keeping moved information safe into the network by the existing applications. In his opinion it includes viruses that destroy data and intrusions that steal them. As he said, the goal of data security is using a complex of securities, strategies, applications, hard and software to provide a situation free from threat for Data producing, refining, transferring and distributing.
Mahdioun referred to the clearing operation in the country and said to CITNA: “We have some virus cases into the country that the viruses have entered and infected some servers and the cleaning operation has not been done coherently then virus has migrated from the infected places to the cleaned ones. Therefore some viruses are turning into the country since 2003. It means that the cleaning operation done was not coordinated and each organization did it by itself so the problem has been updated again”.
Although many different ways designed to protect networks, officials have not been idle in this area and committee of “Data Exchange Space Security” (DESS) was organized in the ministry due to follow topics related to this case. The goal of this organization is to provide a safe situation for doing different affairs surely such as providing services.
ITC also step forward in this area. Establishing a Coordination Center for Computer Events Help Teams is the most important project of this sector which will be executed by this company.
CCCEHT (Coordination Center for Computer Events Help Teams) is a coordination center for aiming the improvement of network security and after establishing Computer Events Help Teams in each organization CCCEHT is responsible for coordinating them to react to each computer event.
This center not only is an intergroup Data Exchange center and proceeds when the event becomes public and there is need to a comprehensive help and aid but also does a series of common informing about the weak points and probable and common problems in the networks such as operating systems or software.
As CEO of ITC said CCCEHT service has been lunched since last year and started serving more than one year so its site alerts and informs the users.
What is CCCEHT?
CCCEHT is a focal point into ministry of ICT for doing coordinated steering activities of Data exchange space events. This center coordinates all Security Emergency Teams and Computer Help Centers all over the country to share their information as the same with the other groups and ensures updated knowledge.
What stage is CCCEHT at?
ITC has executed informing phase of Help Management and Computer Event Operating Coordination Center last year. Creating CSIRT, Computer Emergency Responding Team with subgroups of evaluation and analysis, Monitoring Team, Gathering and Updating Information Team, Responding to Hacking Team, Response Coordination Team, Maintaining and Supporting Team are in the company’s agenda.
As Alipour, Deputy of IT Development of ITC said it was supposed that CCCEHT organizes with the desired structure till the end of last solar year, 1388, but with a less delay we can access to our goals.
He referred in another dialogue to the first phase of lunching Computer Emergency Responding Team in five provincial Telecommunication centers and said: “To finalize CCCEHT plan the contractor has to lunch CERT and 5 CSIRT and their connection to CCCEHT base on international standards”.
As he said deputy of IT security development of ITC provides the projects related to IT Security and is responsible for responding to computer events and checking the problems occurred in the network or threats that can infect network security.
He restated that after lunching Center of CCEHT computer network security and events management will promote into the country and the space of data exchange security will be coordinated.
In his opinion complex of ISA, CCCEHT, CSIRT which will be lunched into the operators can keep national network security.
Each Organization or Company in IT area that has a server or a network has to lunch a center as an operation center of network security due to protect its network by giving all its network security event information to Computer Security Incident Response Team which called CSIRT.
CEO of IT said to CITNA: “All the ministries, companies, or even private associations have to lunch their CSIRT”.
He called CCCEHT as a problem solution and said: “Each CSIRT will be coordinated with CCCEHT in a hierarchical system to do coordinated response to the events”.
CEO of ITC referred to organize a team which issues ISMS certifications for all organizations especially public one as the other proceedings of the company in security area. He said: “when the organizations identify weaknesses and eliminate bugs we evaluate the networks and issue ISMS Certifications for them”.
He announced before about a statute in Social Commission of the Cabinet which obliged public organizations to implement security management system of their sites. This statute is notifying.
Mahdioun referred to this new proceeding which has been approved by the cabinet in last Esfand (March of 2010) and said: “We are preparing its instructions and equipping the teams”.
He pointed that as the organizations should make ready themselves they are informed that identify their weaknesses and eliminate them any way. Our forecast is that the organizations which are ready for security evaluation and ISMS Certifications issuance will be evaluated on the early of the next year by us.
As he called this proceeding continues and said: “It’s predicted that at least there is need to two years for certification issuance. In the first step all public organizations must receive the certification at least one time in a five-year process”.
He referred the period being feature of the certification and said: “This certification is periodic and we can’t claim that by having this certification we are safe for ever against the threats. But we predict that during next two years all the important organizations will be ready for evaluation.
Anyway Security problems include what? CEO of ITC divided the problems of this area into two parts and said: “Since we have deal with two categories of problems. One of them relates to the virus and malware which are too much and scattered. Each month we have one or two correspondence with different places. Some of them can clean and troubleshooting their systems and some of them who are not able to do can troubleshoot their system with our help”.
He introduced the other one as intrusions and hacking and said: “The most important event in last year was after the election that the public and governmental sites were intruded and hacked from the abroad”.
Cooperation with the Other Centers
As the deputy of ITC said, this company now cooperates with all sectors related to IT Security such as Passive Defense, Universities, ITRC, Center of ISA (Informing, Supporting & Aid), and Defense Sectors Experts.
Mahdioun talked about a MoU with some centers and organizations which are active in security area and said: “We have contract with some universities for analyzing malwares. We support also Iranian anti-viruses programmer and give them the analysis to add on their anti-virus Database and update them”.
Now malware analysis within the country appears to results. As deputy of ITC said the information of thousands of malwares which are in the network has gathered and analyzed and checked. He said: “Statistics and information about the malwares within the country has been gathered”.
Alipour said that the numbers of these malwares are too many and continued this number is growing exponentially.
He referred to the identified cases and added: “The list of companies and organizations that their computers infected has been prepared. We will inform them and expect they clean them”.